<?php

// Reference DDL for the guestbook table ("knyga"), prefixed with the LENTELES_PRIESAGA constant.
// Columns: `nikas` = author name, `msg` = message text (max 250 chars), `time` = post time.
// The UNIQUE KEY on `msg` means a message whose text already exists cannot be stored a second
// time; the INSERT further down in this script does not check for that failure.
$sukurti = "
CREATE TABLE `".LENTELES_PRIESAGA."knyga` (
  `id` int(11) NOT NULL auto_increment,
  `nikas` varchar(150) collate utf8_lithuanian_ci NOT NULL,
  `msg` varchar(250) collate utf8_lithuanian_ci NOT NULL,
  `time` datetime NOT NULL,
  PRIMARY KEY  (`id`),
  UNIQUE KEY `msg` (`msg`)
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_lithuanian_ci AUTO_INCREMENT=7 ;";

// The CREATE statement is intentionally not executed on page load; keep this call disabled so a
// public request can never run DDL.
//mysql_query1($sukurti);

// Pagination state: $p is the row offset taken from the "p" URL parameter, $limit the page size
// and $viso the total number of guestbook rows (counted by the project helper kiek()).
// $p is later placed unquoted into a LIMIT clause and into href attributes, so the (int) cast
// is the control that keeps it safe in both contexts.
// NOTE(review): escape() is defined outside this file; confirm it returns a bare number for
// integer input, otherwise the LIMIT clause below would receive a quoted value.
$p = 0;
if (isset($url['p']) && isnum($url['p']) && $url['p'] > 0) {
    $p = escape(ceil((int)$url['p']));
}
$limit = 10;
$viso = kiek('knyga');


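// Moderator actions (LEVEL >= 20): delete ("d") or edit ("r") a guestbook entry.
// This check is the actual access control; the links rendered in the listing are only a UI hint.
// NOTE(review): no anti-CSRF token is visible for either action, and delete is triggered by a
// plain URL parameter. Both state changes should require a per-session token, and delete should
// be moved to POST.
if (defined("LEVEL") && LEVEL >= 20) {
        // Delete requested
        if (isset($url['d']) && !empty($url['d']) && isnum($url['d'])) {
                // Cast before use so only an integer ever reaches the query and the status message
                $id = (int)$url['d'];
                mysql_query1("DELETE FROM `".LENTELES_PRIESAGA."knyga` WHERE `id` = ".escape($id)." LIMIT 1");
                if (mysql_affected_rows() > 0) { msg("Administravimas","Žinutė: $id ištrinta","informacija"); } else { klaida("Klaida","Žinutė nebuvo pakeista"); }
                // NOTE(review): redirect() is defined elsewhere; confirm it stops the script,
                // otherwise the rest of the page still runs after the delete.
                redirect("?id,".(int)$_GET['id'].";p,$p",'header');
        }
        // Edit requested
        if (isset($url['r']) && !empty($url['r']) && $url['r'] > 0 && isnum($url['r'])) {
                $nick = $_SESSION['username']; $nick_id = $_SESSION['id'];
                if(empty($_POST)) {
                        // No form data yet: load the stored text and show the edit form.
                        // input() is a project helper that prepares the value for the textarea.
                        $msg = mysql_fetch_assoc(mysql_query1("SELECT `msg` FROM `".LENTELES_PRIESAGA."knyga` WHERE `id`=".escape((int)$url['r'])." LIMIT 1"));
                        $msg = '<form name="knyga_edit" action="" method="post">
                                        <textarea name="msg" rows="3" cols="25" wrap="on" style="width:265px">'.input($msg['msg']).'</textarea>
                                        <br />
                                        <input type="submit" name="knyga" value="Redaguoti" />
                                        </form>
                                        ';

                        $text = $msg;
                        lentele("Žinutės redagavimas",$text);
                }
                elseif (isset($_POST['knyga']) && $_POST['knyga'] == 'Redaguoti' && !empty($_POST['msg']) && is_string($_POST['msg'])) {
                        // New entries are HTML-encoded before they are stored, and the listing prints
                        // `msg` without a visible encoding step of its own, so the edit path must
                        // encode too; otherwise an edit could store raw markup.
                        // double_encode = false leaves entities from the original post untouched.
                        $msg = htmlspecialchars(trim($_POST['msg']), ENT_COMPAT, 'UTF-8', false)
                                ."\n[sm][i]Redagavo: ".htmlspecialchars($_SESSION['username'], ENT_COMPAT, 'UTF-8', false)."[/i][/sm]";
                        // Same integer cast as the SELECT and DELETE paths use for the row id
                        mysql_query1("UPDATE `".LENTELES_PRIESAGA."knyga` SET `msg` = ".escape($msg)." WHERE `id` =".escape((int)$url['r'])." LIMIT 1");
                        if (mysql_affected_rows() > 0) { msg("Informacija","Žinutė sėkmingai pakeista"); } else { klaida("Klaida","Žinutė nebuvo pakeista"); }
                        //redirect("?id,9;p,$p#".escape($url['r'])."","meta");
                }
        }
}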
// Fetch one page of entries, newest first; the page size ($limit) is set earlier in the script.
// $p and $limit are placed into the LIMIT clause unquoted, so both must be plain integers here.
$sql2 = mysql_query1(
    'SELECT * FROM `' . LENTELES_PRIESAGA . 'knyga` ORDER BY `time` DESC LIMIT ' . $p . ', ' . $limit
);

// Pager above the list, shown only when there is more than one page
if ($viso > $limit) {
    lentele('Puslapiai', puslapiai($p, $limit, $viso, 10));
}

// Build the HTML for every entry on the current page.
// The author name goes through input(); the message body goes through bbchat() and smile().
// NOTE(review): no HTML encoding of `msg` is visible at this point, so the output relies on the
// text having been encoded when it was stored (or inside bbchat()) - confirm.
$text = '';
while ($row = mysql_fetch_assoc($sql2)) {
    // Delete/edit icons are shown only for LEVEL == 30, while the handlers earlier in this script
    // accept LEVEL >= 20. Hiding the links is cosmetic; the handler check decides who may act.
    $extra = (defined("LEVEL") && LEVEL == 30)
        ? "<a href='" . url("d," . $row['id']) . "'><img src='images/icons/bullet_delete.png' alt='[d]' title='trinti' class='middle' border='0' /></a>"
            . " <a href='" . url("r," . $row['id']) . "'><img src='images/icons/bullet_orange.png' alt='[r]' title='redaguoti' class='middle' border='0' /></a>  "
        : '';

    // Title row: permalink anchor, author, moderator icons, absolute and relative time
    $text .= '<div class="title"><em><a href="?id,' . (int)$_GET['id'] . ';p,' . $p . '#' . $row['id']
        . '" name="' . $row['id'] . '" id="' . $row['id'] . '">'
        . '<img src="images/icons/bullet_black.png" alt="#" class="middle" border="0" /></a> '
        . input($row['nikas']) . ' ' . $extra . ' (' . $row['time'] . ') - ' . kada($row['time'])
        . '</em></div><div class="sarasas">' . smile(bbchat($row['msg'])) . '</div><br/>';
}

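// Handle a new guestbook entry submitted through the public form.
if (isset($_POST['knyga']) && $_POST['knyga'] == 'Siųsti') {
    // CAPTCHA check. Both sides must exist and be non-empty before they are compared, and the
    // comparison is strict: with a loose `==`, an empty submitted code equals a session that never
    // received a code, which would let the check pass without the challenge being solved.
    // The is_string() checks reject array-valued fields before they reach the string functions.
    if (
        isset($_POST['code'], $_SESSION['code'])
        && is_string($_POST['code'])
        && is_scalar($_SESSION['code'])
        && (string)$_SESSION['code'] !== ''
        && strtoupper($_POST['code']) === (string)$_SESSION['code']
        && !empty($_POST['zinute']) && is_string($_POST['zinute'])
        && !empty($_POST['vardas']) && is_string($_POST['vardas'])
    ) {
        // The message is HTML-encoded before storage; the name is stored as submitted and is
        // passed through input() when the listing prints it.
        $msg = htmlspecialchars($_POST['zinute']);
        $nick = $_POST['vardas'];

        mysql_query1("INSERT INTO `".LENTELES_PRIESAGA."knyga` (`nikas`, `msg`, `time` ) VALUES (".escape($nick).", ".escape($msg).", NOW());");

        header('Location: ?id,'.(int)$_GET['id']);
    }

    // A challenge is single-use: drop it after every attempt so that one solved code cannot be
    // replayed for further posts and a failed guess cannot be retried against the same code.
    unset($_SESSION['code']);
}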

// Markup of the public "write a message" form.
// Fields: `vardas` (name, pre-filled with the logged-in username passed through input()),
// `zinute` (message), `code` (CAPTCHA answer; the image is served by priedai/human.php) and the
// submit button `knyga` = "Siųsti", which the POST handler in this script keys on.
// NOTE(review): the form carries no anti-CSRF token; the CAPTCHA is the only gate on posting.
$forma = '
 <form name="knyga" action="" method="post">
 Vardas:<br />
 <input type="text" name="vardas" value="'.(isset($_SESSION['username']) && !empty($_SESSION['username'])?input($_SESSION['username']):'').'" size="20" style="width:90%;"><br />
 Žinutė:<br />
		<textarea name="zinute" rows="3" cols="10" style="width:90%"></textarea>
		<br />Saugos kodas:<br />
		<input type="text" name="code" value="" size="20" style="float:left;height:38px;text-align:center;text-transform:uppercase;font-weight:bold;vertical-align:middle"> &nbsp; &nbsp; <img src="priedai/human.php" style="" border="1"><br />

		<br />
		<input type="submit" name="knyga" value="Siųsti" />
		</form>
';

// Output: the collapsible "write" form first, then the list of entries.
hide('Rašyti', $forma, 'knyga', false);
lentele('Svečių knyga', $text);

// Pager below the list, shown only when there is more than one page
if ($viso > $limit) {
    lentele('Puslapiai', puslapiai($p, $limit, $viso, 10));
}

// Release the page-local buffers
unset($extra, $text, $forma);
// END - rendering

?>